…Reported attacks
on financial institutions in Britain have risen from just 5 in 2014 to 75 so
far this year, data from Britain’s Financial Conduct Authority (FCA) show.

However, bankers and experts in cyber-security say many
more attacks are taking place. In fact,
banks are under almost constant attack, Shlomo Touboul, Chief Executive of
Israeli-based cybersecurity firm Illusive Networks said.

Touboul cites the example of one large global financial
institution he works with which experiences more than two billion such “events” a month, ranging from an
employee receiving a malicious email to user or system-generated alerts of
attacks or glitches.

Machine
defenses filter those down to 200,000, before a human team cuts that
to 200 “real” events a month, he added.

U.S. officials said Samsung Electronics Co. Galaxy
Note 7 cellphones will be banned from airline flights from noon ET on Saturday.

Transportation Secretary Anthony Foxx said in a statement
that passengers who try to carry the phones onto flights could have them confiscated
and face fines or possible prosecution if they try to evade the emergency order
by placing them in checked luggage.

My Ethical Hacking students know this is one of the best
places to discover weaknesses. I suspect
Russian hackers know it too.

Information technology
shortcomings within the Secret Service mean the potential still exists for employees
to improperly access the agency’s restricted database, as agents did last year
when they leaked unflattering information about House Oversight Chairman Jason
Chaffetz, according to a new inspector
general’s report.

The Department of Homeland
Security Inspector General has found that even after last year’s embarrassing
incident, the Secret Service still does not have adequate controls in
place to protect sensitive information it stores in its databases.

Missouri school districts need to
tighten controls over student data and other information to help ensure they do
not fall into the wrong hands for the wrong purpose, a state audit said Thursday.

Using information she gleaned
earlier this year from audits on five districts, including Orchard Farm in St.
Charles County, state Auditor Nicole Galloway said schools need to pay more
attention to cybersecurity in several areas including who has access to the
information and what needs to be done when a breach is discovered.

…As anyone who is
reading this undoubtedly knows, the Second
Circuit’s opinion limits the government’s warrant authority under the
Stored Communications Act (SCA) to data that is held within the United States. If a US-based service provider stores
communications content outside the United States, the US government can no
longer compel the production of that data directly from the provider. It instead must seek the data from the country
where it resides—making a diplomatic request through the time-consuming and
often laborious Mutual Legal Assistance (MLA) process.

The IRS wasted $12 million on subscriptions for software
that it couldn't utilize, the Treasury Inspector General for Tax Administration
(TIGTA) said in a report made public this week.

"The purchase was made without first determining
project infrastructure needs, integration requirements, business requirements,
security and portal bandwidth, and whether the subscriptions were
technologically feasible on the IRS enterprise," TIGTA said.

Now the team behind the project is taking it a step
further and open-sourcing the code used to create the bot. As of this week, the Drupal
module is up on GitHub,
complete with step-by-step instructions.

Credo
Reference is a good reference site for students that I recently learned
about from David
Kapuler. Credo Reference
provides students with reference articles from more than 4,000 reference books.
In that regard Credo Reference is a
search engine for encyclopedia entries.

There are a few features of Credo Reference
that teachers will appreciate. First,
all articles returned in a search provide students with an option to hear the
text read aloud. Second, every article
is accompanied by a list of related terms and links to those related articles. Finally, every article has a pre-formatted
citation listed at the bottom. Students
can copy and paste that citation to use in their works cited pages.

The basic Credo Reference search and the functions highlighted above
are available to anyone visiting the website. Libraries that subscribe to the Credo service
can unlock additional tools for students.

…“One of India’s
largest colleges, Amity University, is expanding into the US
with the purchase of one campus in New York and a proposal to
buy two more, drawing opposition from state officials in Massachusetts
about the quality of the education it will offer,” the
AP reports. More
from Quartz.

…Via
ESPN: “In an unprecedented foray into college sports, the National
Labor Relations Board general counsel has declared that Northwestern
University must eliminate ‘unlawful’ rules governing football players
and allow them greater freedom to express themselves. The ruling, which referred to players as
employees, found that they must be freely allowed to post on social media,
discuss issues of their health and safety, and speak with the media.”

…Via
Inside Higher Ed: “Of the six winners of Nobel Prizes
affiliated with American universities so far this year, all are foreign born.”

Friday, October 14, 2016

You might believe that all of this old technology is
failing at several airlines simultaneously because all the technology is about the
same age. You might believe that this
technology is relatively easy to hack and these failures suggest someone is
practicing their Cyber War techniques.

…Google said that
it received 44,943 requests from government entities worldwide in the first six
months of the year, up from 40,677 in the previous six month period. The requests affected 76,713 accounts — a
decrease from the previous six months.

The company said it had provided the authorities with some
data in 64 percent of cases. That was
the same rate as in the prior six months.

An interesting article for lawyers defending hackers. (The PDF is online)

On October 7, 2016 the U.S.
government officially called
out Russia and accused it of involvement in cyber attacks against
American political organizations. Two
days prior, at the Virus Bulletin (VB) Conference, Kaspersky Lab
researchers presented a paper on the problems of attribution: Wave Your False Flags!
Deception Tactics Muddying Attribution in Targeted Attacks.

Cyber attack
attribution has long been a thorny problem. It is difficult to develop norms of
international cyber behavior if attackers can hide behind plausible
deniability. Microsoft recently proposed an
independent international committee of experts to ascribe responsibility. The Kaspersky paper, however, questions
whether absolute attribution is even possible.

… It is worth noting that the whole debacle is causing Samsung
an immediate and significant financial blow. On Tuesday, even before the company had
announced the Galaxy Note 7 as a goner, its shares printed an 8% nosedive, the
biggest intraday drop since fiscal 2008. According to analysts at Credit Suisse Group
(NYSE:CS), Samsung could lose a massive $17 billion from the fiasco. In addition, Nomura predicts that the firm’s
mobile division could see its profits plunge by as much as 85% in Q4. There are also concerns that Samsung’s image
as a trusted electronics brand could be negatively affected as a result of the
handset’s production end.

On Oct. 3, ING Group joined a growing number of big
European banks when it announced a big investment in digital technology (800
million euros) and a big reduction in force (11% or 5,800 jobs). “Unfortunately digital transformation means
less jobs,” CFO
Patrick Flynn told Bloomberg Television not very ruefully.

But perhaps not fewer management jobs. “Even as organizations balance lower
investment in traditional operations against greater investment in digital, the
need for operations management will hardly disappear,” write McKinsey
consultants Albert Bollard, Alex Singla, Rohit Sood, and Jasper van Ouwerkerk
in a
new article in McKinsey Quarterly.
“In fact, we believe the need will be
more profound than ever.”

Together, the moves add up to one simple fact and a couple
more less simple questions. The fact is
that even though Softbank is often referred to as a telco company, it no longer
fits that profile. Far from it. The questions are: “If it is not a telco, what
is it then?” and “What on Earth is it going to spend $100 billion on?”

New York's Police Department has joined the modern era. Alongside guns and badges, new officers now
pick up phones when they join the New York City Police Academy. While the obvious choice might seem like an
iPhone or an Android phone, the NYPD has actually picked Microsoft's Windows
Phones for its fight against crime. Windows
Phone market share might have slipped below 1 percent, but CNET
News reports that the NYPD has worked with Microsoft to create apps and
secure the devices.

Cops are using either a Lumia
830 or Lumia
640 XL, equipped with special 911 apps, case management apps, and the
ability to receive assignments, fill out forms or reports on the go, and access
training videos.

Need to brush up on your social media skills? Enrolling in
the new Hootsuite
Academy is one way entrepreneurs can build the expertise they need
to help drive business results using Facebook, Twitter, and other social
networks.

How many people does it take for a 61-year-old burger
maker to tweet? At least a dozen.

Inside a high-tech room at McDonald’s
Corp.’s suburban Chicago
headquarters, employees tap away at computers responding to tweets and
crunching data on what’s trending on social media, long a standard practice at
most consumer companies.

Companies such as online retailer Zappos.com Inc., coffee
giant Starbucks Corp. and
discount airline JetBlue Airways Corp., have been using social media for years
to manage customer complaints and generate ideas.

But as recently as two years ago, McDonald’s had no way to
consistently track and respond to what is being said about it online, a lost
opportunity for a brand that gets mentioned on social media every one to two
seconds.

…Now, McDonald’s
has a digital media hub in Singapore and London as well as the one in Oak
Brook. It recently hired 200 people from
companies such as Amazon.com Inc. and
PayPal Holdings Inc. to bolster its digital efforts and win back the
millennials it lost to rivals serving fresher food. Just one in five millennials has ever tried
the company’s flagship Big Mac, according to an internal
memo reviewed by The Wall Street Journal.

Data Drive Journalism: “London, Paris, Madrid, New
York…there are numerous “global cities” that mesmerize us with their power
and opportunity. But what about the
lesser known cities? That can’t boast
such potential? What do we know about
them? To scope out which cities are
forging ahead, and identify those that are falling behind, the Igarapé
Institute has launched one of the world’s most comprehensive city mapping
platforms – Fragile Cities…Leveraging the power of Explorable
Visual Analytics (EVA) – a web application for visualizing and
exploring large and complex datasets – the platform provides an easy mechanism
for users to congest datapoints, drilldown data, and look at different
conceptual zoom layers to get the big picture insights as well as the minute
details. EVA is also optimized for
time-series visualizations – you can explore trends across different time scales
to discover patterns and seasonalities…”

Sort of a geo-selfie? (Is it me or is this data not as easy to find
as the article suggests?)

“From October 7-10, 2016, the National Geodetic Survey (NGS) collected damage
assessment imagery for more than 1,200 square miles in the aftermath of
Hurricane Matthew. The aerial imagery
was collected in specific areas identified by FEMA and the National Weather Service. Select the round icon with directional arrows
using your mouse (or your finger) and slide back and forth to view a “before and after” comparison. “Before” images are provided by Mapbox, Digital Globe, and OpenStreetMap; “After” images were
captured by NOAA’s National Geodetic Survey in the aftermath of Hurricane
Matthew.”

Over the last several years, fact checking has come into
its own. Led by organizations like the International Fact-Checking Network, rigorous fact checks
are now conducted by more than 100 active sites, according to the Duke University
Reporter’s Lab. They collectively
produce many thousands of fact-checks a year, examining claims around urban
legends, politics, health, and the media itself.

In the seven years since we started labeling types of articles in Google News (e.g.,
In-Depth, Opinion, Wikipedia), we’ve heard that many readers enjoy having easy
access to a diverse range of content types. Earlier this year, we added a “Local Source” Tag to highlight local coverage of
major stories. Today, we’re adding
another new tag, “Fact check,” to help readers find fact checking in large news
stories. You’ll see the tagged articles
in the expanded story box on news.google.com and in the Google News & Weather iOS and Android apps, starting with the U.S. and the U.K.

…Vera Bradley announced this morning that, between July 25 and
Sept. 23, hackers gained access to the payment systems in its 112 stores and 44
outlets.

The breach was first discovered on Sept. 15, the company
says, when they were notified by police
of a “potential data security issue” with the retailer’s store network.

After learning of the breach, Vera Bradley says it
notified payment card networks and launched an investigation into the hack.

The probe found unauthorized access to Vera Bradley’s
payment processing system and the installation of a program that looked for
payment card data. The program was
specifically designed to find data in the magnetic strip on a payment
card that may contain the card number, cardholder name, expiration date,
and internal verification code – as the data was being routed through the
affected payment systems.

…Mr. Stumpf won’t
receive a severance package, the bank said. The board, at Mr. Stumpf’s own recommendation,
had previously decided he should relinquish
$41 million in unvested equity, one of the biggest-ever forfeitures of pay
by a bank chief. He still retires with
tens of millions of dollars earned during roughly 35 years at the bank.

…Mr. Stumpf will
walk away with total compensation during his years at Wells Fargo valued at
about $120 million, according to an estimate by Mark Reilly, a managing
director at human-resources consultancy Overture Group LLC. This estimate reflects the value of stock and
stock options as well as retirement benefits and deducts the $41 million Mr.
Stumpf has already forfeited. It is based on the bank’s Wednesday share price.

“Tis a puzzlement!” User ids and passwords match. How
do you know if it came from you?

The company says that nobody
breached its servers, but that it took this step after its security staff
discovered a set of customer details posted online as part of another breach at
another company.

Amazon says those details matched the details of Amazon accounts, and since it had no
way of knowing if those customers reused the same passwords for their Amazon
accounts, it decided to err on the safe side of things and reset
those customers’ passwords, just in case.

Password reset emails started
going out last week, when several users posted screenshots on Twitter, and have
continued to reach users this week.

Attackers are hijacking DVRs, satellite antennas and
networking devices to conduct mass tests of stolen login credentials, according
to research from Akamai Technologies Inc., the
latest sign that common household gadgets are
being remotely marshaled for malicious activity.

The network security provider on Wednesday said it has new evidence that hackers spent several months or more
manipulating as many as two million “smart” devices in homes and businesses to
test whether stolen usernames and passwords were able to access others’
websites, known as “credential stuffing campaigns.”

A 17-word Facebook reminder contributed
to substantial increases in online voter registration across the country,
according to top election officials.

At least nine
secretaries of state have credited the social network’s voter registration
reminder, displayed for four days in September, with boosting sign-ups, in some
cases by considerable amounts. Data from
nine other states show that registrations rose drastically on the first day of
the campaign compared with the day before.

…As part of a
larger audit of Facebook’s Trending topics, the Intersect logged every news
story that trended across four accounts during the workdays from Aug. 31 to
Sept. 22. During that time, we uncovered
five trending stories that were indisputably fake and three that were
profoundly inaccurate.

…. This Thursday,
President Obama will host the White House Frontiers Conference in
Pittsburgh to imagine the Nation and the world in 50 years and beyond, and to
explore America’s potential to advance towards the frontiers that will make the
world healthier, more prosperous, more equitable, and more secure. Today, to ready the United States
for a future in which Artificial Intelligence (AI) plays a growing role, the
White House is releasing a report on future directions and considerations for
AI called Preparing for the Future of Artificial
Intelligence.

Artificial-intelligence systems can do increasingly
complex tasks but they can’t yet figure much out on their own without help from
humans.

In a paper published Wednesday in the journal Nature,
researchers at Alphabet Inc.’s Google DeepMind describe experimental
software that they say gets closer to that goal and could be more accurate and
less costly than current systems.

As businesses enter the uncharted waters of machine
intelligence – where machines learn by experience and improve their performance
over time – researchers are trying to predict its impact on jobs and work. Optimists
suggest that by taking over cognitive but labor-intensive chores the
intelligent machines will free human workers to do more “creative” tasks, and
that by working side by side with us they will boost our imagination to achieve
more. Experience with Robotic Process Automation (RPA) seems to confirm this
prediction. Pessimists predict huge levels of unemployment, as nearly
half of existing jobs appear prone to automation and, therefore, extinction.

More nuanced analysis points to a less dystopian future
where a great number of activities within jobs will be undertaken by
intelligent systems rather than humans. This view, in effect, calls for a
re-examination of what a “job” actually is: how it is structured, and how it
should be reconfigured, or perhaps redefined, in the age of intelligent
automation.

As a longtime fan, I did vote for beSpacific. I will also look at some new-to-me blogs I
found in the list of nominees.

Twitter user @0x2Taylor posted
exfiltrated data on the file sharing site MEGA twice over the weekend, each
time resulting in the data being taken down very quickly. The data was then released for a third time on
a smaller file sharing website. After
analyzing the dataset, we can confirm that nearly 58 million records containing
full names, IP addresses, dates of birth, email addresses, vehicle data, and
occupations were included in the leak.

Read more on RiskBasedSecurity,
who note that ModB may have dodged a serious bullet, because there was another
table with 258 million records that were being downloaded or
accessed when the entire bucket was pulled offline.

As of today, ModB has not responded to this site’s
original notification to them, alerting them to the leak. Nor have they responded to an inquiry asking
them for a comment or what they intended to do about 58 million people having
their PII exposed.

We need to talk about this guy, ‘foreign power.’ Clearly he is acting like a common
criminal. Should we sic Elliot Ness on
him now or wait for him to become a full Tony Montana?

The Australian Cyber Security
Centre has confirmed that a 2015 attack on servers at Australia’s Bureau of Meteorology
was conducted by a “foreign intelligence service.” The attack saw two computers on the BOM’s
network infected with remote access malware, allowing the attacker to search
for, and copy, an “unknown quantity of documents.”

Facebook and Twitter are cutting off Geofeedia's access to
their data after an ACLU report that the company created tools to help law
enforcement with surveillance.

The ACLU report
released Tuesday, titled “Facebook, Instagram, and Twitter Provided Data Access
for a Surveillance Product Marketed to Target Activists of Color,” claims
Geofeedia marketed the tool to help police monitor activists particularly
minorities. The company mines social media and location data.

…“Twitter does
have a 'longstanding
rule' prohibiting the sale of user data for surveillance as well as a Developer
Policy that bans the use of Twitter data “to investigate, track or surveil
Twitter users,” a Twitter spokesperson explained in an email.

The tool made use of Geofeedia’s access to Facebook’s
Instagram API and Topic Feed API, as well as searchable access to Twitter’s
database of public tweets — data available to commercial entities with company
approval.

A Facebook spokesperson noted that Geofeedia, “only had
access to data that people chose to make public.”

With this update, any conversation can be configured to
delete sent and received messages after a specified interval. The configuration applies to all parties of a
conversation, and the clock starts ticking for each recipient once they've read
their copy of the message.

…This release
also includes support for Signal Protocol's numeric fingerprint format, which
are called "safety numbers" in Signal.

Safety numbers can be verified by either scanning a QR
code or by reading a string aloud.

Cyber-security firm
Symantec Corp said on Tuesday that a second hacking group has sought to rob
banks using fraudulent SWIFT messages, the same approach that yielded $81 million
in the high-profile February attack on Bangladesh's central bank.

Symantec said that a group
dubbed Odinaff has infected 10 to 20 organizations with malware that can be
used to hide fraudulent transfer requests made over SWIFT, the messaging system
that is a lynchpin of the global financial system.

…The
company in May said it believed the Bangladesh heist was carried out by a group
known as Lazarus, which was also responsible for attacks on SWIFT customers in
Southeast Asia as well as the 2014 hack of Sony Pictures Entertainment.

The U.S. government has
blamed North Korea for the Sony attack.

This is not as hard as this article makes it seem. It does require managers to manage. An unused tool is worthless.

Samsung Electronics Co.’s
botched recall of its Galaxy Note 7 smartphone is putting a spotlight on
supply-chain oversight and raising questions about the ability of today’s
technology and management tools to help companies maintain quality control in
giant complex networks of suppliers—as when products are being built and
upgraded more swiftly.

The Federal Communications Commission (FCC)
announced on Tuesday that it has reached a $2.3 million settlement
with Comcast Corporation over charges for services that customers never
authorized.

It’s the largest fine the FCC has ever levied against a
cable company.

“The Communications Act and the FCC’s rules prohibit a
cable provider from charging its subscribers for services or equipment they did
not affirmatively request, a practice known as ‘negative option billing,’ ” a
statement from the FCC said.

…The Comcast
representative said the company is overhauling its customer service process.

“We have retrained our reps, and we’re providing specific
information to customers on the phone,” the representative said. “We have a way for them to quickly get things
resolved if there is something that they didn’t know about on their bill.”

…The Seattle
company aims to build small brick-and-mortar stores that would sell produce,
milk, meats and other perishable items that customers can take home, these
people say. Primarily using their mobile phones or, possibly, touch screens
around the store, customers could also order peanut butter, cereal and other
goods with longer shelf lives for same-day delivery.

For customers seeking a quicker checkout, Amazon will soon
begin rolling out designated drive-in locations where online grocery orders
will be brought to the car, the people said. The company is developing
license-plate reading technology to speed wait times.

Faced with the claim that AI and robots are poised to
replace most of today’s workforce, most mainstream professionals
— doctors, lawyers, accountants, and so on — believe they will emerge
largely unscathed. During our consulting
work and at conferences, we regularly hear practitioners concede that routine
work can be taken on by machines, but they maintain that human experts will
always be needed for the tricky stuff that calls for judgment, creativity, and
empathy.

Our
research and analysis challenges the idea that these professionals will be spared. We expect that within decades the
traditional professions will be dismantled, leaving most, but not all,
professionals to be replaced by less-expert people, new types of experts, and
high-performing systems.

Sqworl is
a free bookmarking tool for teachers and students. In Sqworl you can create
groups or bundles of bookmarks to share with your students and or colleagues. It provides a convenient way for you or your
students to share collections of resources created while researching or
browsing the web. As is demonstrated in
my video below, Sqworl has a nice feature that lets you add descriptive notes
to each visual bookmark within your Sqworl bundles. Watch my video embedded below to learn more.

Stack
Overflow, the community site best known for providing answers for all of
your random coding questions, also has a thriving jobs board and provides
services to employers looking to hire developers. Today, the team is expanding the jobs side of
its business with the launch of Developer
Story, a new kind of resume that aims to free developers from the
shackles of the traditional resume.

…Developer Story
offers two views: a traditional resume view for employers and a more modern
timeline view. It’s the timeline view
that emphasizes your achievements, but even the traditional view puts its
emphasis on which projects you have contributed to, which languages you’ve
used, which questions you’ve answered on Stack Overflow, etc. What’s important to note is that it’s the
developers who get to choose which accomplishments they want to highlight to
potential hiring managers.

…If you want to
give it a try, the new service is now available
on Stack Overflow; like all of the company’s other services for
developers, it’s available for free.

About Me

I live in Centennial Colorado. (I'm not actually 100 years old, but I hope to be some day.) I'm an independent computer consultant, specializing in solving problems that traditional IT personnel tend to have difficulty with... That includes everything from inventorying hardware & software, to converting systems & data, to training end-users. I particularly enjoy taking on projects that IT has attempted several times before with no success. I also teach at two local Universities: everything from Introduction to Microcomputers through Business Continuity and Security Management. My background includes IT Audit, Computer Security, and a variety of unique IT projects.